CN115001842A - Method, device, equipment and medium for accessing user information - Google Patents

Method, device, equipment and medium for accessing user information Download PDF

Info

Publication number
CN115001842A
CN115001842A CN202210727073.5A CN202210727073A CN115001842A CN 115001842 A CN115001842 A CN 115001842A CN 202210727073 A CN202210727073 A CN 202210727073A CN 115001842 A CN115001842 A CN 115001842A
Authority
CN
China
Prior art keywords
file
accessed
user information
user
field
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210727073.5A
Other languages
Chinese (zh)
Other versions
CN115001842B (en
Inventor
成金祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Power Commercial Systems Co Ltd
Original Assignee
Inspur Power Commercial Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Power Commercial Systems Co Ltd filed Critical Inspur Power Commercial Systems Co Ltd
Priority to CN202210727073.5A priority Critical patent/CN115001842B/en
Publication of CN115001842A publication Critical patent/CN115001842A/en
Application granted granted Critical
Publication of CN115001842B publication Critical patent/CN115001842B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a method, a device, equipment and a medium for accessing user information, and relates to the technical field of information security. The method comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information; and if the permission field is contained, the file to be accessed is refused to be accessed. And configuring an authority field in the user file containing the user information, wherein the authority field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the user information is prevented from being collected by the malicious software, and the user information is ensured not to be leaked.

Description

Method, device, equipment and medium for accessing user information
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method, an apparatus, a device, and a medium for accessing user information.
Background
With the rapid development of the information age, mobile device terminals (such as mobile phones, portable watches, and the like) have been greatly developed, and more private information is stored in the mobile device terminals. Therefore, higher requirements are put on the storage capacity of the mobile terminal device, and cloud storage is brought about in order to meet the requirements of users for storing information. However, for some applications (which may be understood as APPs or applets) in the mobile terminal device, personal privacy information is collected in order to cater to the preferences of the customer. When an existing application program accesses a mobile terminal device, access to a file containing user information is generally limited at the mobile terminal device through a file authority mode, but even if a user sets the file authority mode as a non-permission, malicious software can maliciously copy the file containing the user information through a background, so that the purpose of collecting the user information is achieved.
In view of the above existing problems, seeking to prevent malicious software from maliciously collecting files containing user information through a background is a problem that those skilled in the art struggle to solve.
Disclosure of Invention
The application aims to provide a method, a device, equipment and a medium for accessing user information, which are used for preventing malicious software from maliciously collecting files containing the user information through a background.
In order to solve the above technical problem, the present application provides a method for accessing user information, including:
acquiring a file to be accessed;
judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information;
and if the permission field is contained, the file to be accessed is refused to be accessed.
Preferably, generating the permission field through the user file configuration includes:
acquiring the extension attribute of a user file;
adding an access attribute representing that the file of the user is denied to access into the extended attribute;
a plurality of permission fields are generated according to the access attributes.
Preferably, after the file to be accessed is obtained, before the step of judging whether the file to be accessed contains the permission field, the method further includes:
judging whether the reading mode of the file to be accessed is direct reading;
if yes, entering a step of judging whether the file to be accessed contains an authority field;
if not, mapping the file to be accessed to a page cache, and then judging whether the file to be accessed contains the authority field.
Preferably, after the file to be accessed is denied access, the method further comprises:
and generating prompt information for prompting the user that the file containing the user information is accessed.
Preferably, generating the plurality of rights fields according to the access attribute comprises:
and generating a plurality of permission fields by using the masccess function.
Preferably, after the file to be accessed is denied access, the method further comprises:
updating the file to be accessed at regular time;
traversing and judging whether a new user file exists in the file to be accessed;
if yes, configuring the user file with an authority field;
if not, returning to the step of obtaining the file to be accessed.
In order to solve the above technical problem, the present application further provides an apparatus for accessing user information, including:
the first acquisition module is used for acquiring a file to be accessed;
the first judgment module is used for judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information;
and the access refusing module is used for refusing to access the file to be accessed if the permission field is contained.
The device for accessing the user information further comprises the following modules:
the second acquisition module is used for acquiring the extended attribute of the user file;
the adding module is used for adding an access attribute representing that the user file is denied to access into the extended attribute;
and the first generation module is used for generating a plurality of permission fields according to the access attribute.
The second judgment module is used for judging whether the reading mode of the file to be accessed is direct reading;
if yes, entering a first judgment module;
if not, the file to be accessed enters a mapping module for mapping the file to be accessed to a page cache, and then the file to be accessed enters a first judgment module after mapping.
And the second generation module is used for generating prompt information and prompting the user that the file containing the user information is accessed.
And the third generation module is used for generating a plurality of permission fields by using the masccess function.
The timing updating module is used for updating the file to be accessed at a timing;
the traversal and judgment module is used for traversing and judging whether the file to be accessed has a newly added user file or not;
if yes, entering a configuration module for configuring the user file with an authority field;
if not, returning to the first acquisition module.
In order to solve the above technical problem, the present application further provides an apparatus for accessing user information, including:
a memory for storing a computer program;
a processor for pointing to a computer program implementing the steps of a method of accessing user information.
In order to solve the above technical problem, the present application further provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps of the above method for accessing user information.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information; and if the permission field is contained, refusing to access the file to be accessed. And configuring an authority field in the user file containing the user information, wherein the authority field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the user information is prevented from being collected by the malicious software, and the user information is ensured not to be leaked.
The application also provides a device, equipment and a medium for accessing the user information, and the effects are the same as the above.
Drawings
In order to more clearly illustrate the embodiments of the present application, the drawings needed for the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings can be obtained by those skilled in the art without inventive effort.
Fig. 1 is a flowchart of a method for accessing user information according to an embodiment of the present disclosure;
FIG. 2 is a flow chart of another method for accessing user information provided by an embodiment of the present application;
fig. 3 is a block diagram of an apparatus for accessing user information according to an embodiment of the present disclosure;
fig. 4 is a block diagram of a device for accessing user information according to an embodiment of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without any creative effort belong to the protection scope of the present application.
The core of the application is to provide a method, a device, equipment and a medium for accessing user information, which can prevent malicious software from maliciously collecting files containing user information through a background.
In order that those skilled in the art will better understand the disclosure, the following detailed description will be given with reference to the accompanying drawings.
The application relates to communication between an application layer and a kernel layer in a background Linux system. When the application layer performs communication between the kernel layers, two situations are generally adopted, namely that the application layer actively transmits messages to the kernel layers and the kernel layers actively communicate with the application layers. Application layer protocols define how application processes running on different end systems pass messages to each other. In particular, it defines: the type of messages exchanged, such as request messages and response messages; syntax for various message types, such as various fields in the message and their detailed description; the semantics of the field, i.e. the meaning of the information contained in the field; rules for when, how and to respond to messages for a process; furthermore, some application layer protocols are defined by RFC documents, so they are located in the public domain, such as hypertext transfer protocol http; meanwhile, some application layer protocols are private to companies or individuals, and are located in a private domain, such as QQ.
The application layer communicates with the kernel layer through several protocols, including: domain Name System (DNS): network services for implementing network device name to protocol (IP) mapping; file Transfer Protocol (FTP): the system is used for realizing the interactive file transmission function; simple Mail Transfer Protocol (SMTP): for implementing email delivery functions, such as: MIME, POP3, IMAP; hypertext transfer protocol http: for implementing web services; simple network management protocol SNMP: for managing and monitoring network devices, such as: routers, switches, etc.; telnet protocol: the method is used for realizing the remote login function.
The domain name system DNS can be understood as a web address.
The hypertext transfer protocol http provides a function of accessing hypertext information, and is an application layer communication protocol between a WWW browser and a WWW server. A data transfer protocol specifies rules for communicating between a browser and a web server to transfer web documents over the Internet. The hypertext transfer protocol http defines how a Web client requests a Web page from a Web server and how the server transmits the Web page to the client. The hypertext transfer protocol http employs a request/response model. The client sends a request message to the server, wherein the request message comprises a request method, a URL (uniform resource locator), a protocol version, a request header and request data.
The hypertext transfer protocol http can be split into three parts, namely hypertext, transfer and protocol;
the content of the hypertext transfer protocol http transport is hypertext. In the early days of the internet, text was only simple character words, but now text can be expanded into pictures, video, compressed packets, etc., and the above-mentioned files or data can be called text in hypertext transfer protocol http. Hypertext is the most critical hyperlink of a mixture of words, pictures, videos, etc., that can jump from one hypertext to another. html documents are the most common hypertext, which are only text-only documents, but link of pictures, videos and the like are defined by a plurality of labels inside, and web pages with characters, pictures or videos can be presented after being analyzed by a browser.
Http is a two-way protocol that allows for relay or relaying. In the hypertext transfer protocol http protocol, any extra thing can be added as long as the basic data transfer is not disturbed.
HTTP is a convention and specification used specifically in the computer world to transfer data between two points. More than two participants must be present; and all participants must transmit data according to conventions and specifications.
The file transfer Protocol FTP can be classified into FTP based on Transmission Control Protocol (TCP) and TFTP based on User Data Protocol (UDP).
The simple network management protocol SNMP is a standard protocol specifically designed for managing network nodes (servers, workstations, routers, switches, HUBS, etc.) in an IP network, and is an application layer protocol. SNMP enables a network administrator to manage network performance, discover and solve network problems, and plan for network growth. The network management system receives the random message (and the event report) through the SNMP to know that the network has problems.
The Telnet protocol allows a user to dynamically interact with a remote computer, i.e., the user operates the remote computer by using input devices such as a keyboard and a mouse, runs software on the remote computer, knows running conditions on a display of the user and checks running results.
Fig. 1 is a flowchart of a method for accessing user information according to an embodiment of the present disclosure. As shown in fig. 1, a method of accessing user information includes:
s10: and acquiring the file to be accessed.
In this embodiment, the file to be accessed is one or more of all files stored in the background cache of the mobile terminal device. In one access, a plurality of files to be accessed can be acquired simultaneously, or only one file to be accessed can be accessed. In this embodiment, the number of files to be accessed that can be acquired in one access is not limited, and the files to be accessed may be acquired by setting a preset number or by user definition. It should be noted that the information stored in the file to be accessed may be stored in a text form, or may be stored in a form of secondary system data or 8421 codes. When information is stored in two-level system data, the information can be data strings of 1 bit, 2 bits, 4 bits and 8 bits, and the concrete expression can be expressed in sequence one by one as: "0", "10", "0110", "10011011"; when the information is stored in a text form, the information can be expressed as "name: xxx ", it is understood that the above mentioned data strings and text forms are only some of the embodiments, and not limited to all embodiments, and the user may select a convenient and suitable embodiment according to the specific implementation scenario.
S11: and judging whether the file to be accessed contains the permission field.
Wherein, the authority field is generated by the user file configuration containing the user information. The authority field may be expressed in a text form, or may be expressed in a secondary system data form or an 8421 code form. When the representation form is two-level system data, the data string can be 1 bit, 2 bit, 4 bit and 8 bit, and the concrete representation can be represented as follows one by one in sequence: "1", "11", "0100", "10110111"; when the expression form is a text form, the expression form may be specifically expressed as "access denial", and it is understood that the above-mentioned data string and the text form are only some of the embodiments, and not limited to all embodiments, and a user may select a convenient and appropriate embodiment according to a specific implementation scenario.
If the authority field is included, the process proceeds to step S12: refusing to access the file to be accessed; if the authority field is not contained, the process proceeds to step S13: and accessing the file to be accessed.
It should be noted that, the generating of the permission field through the user file configuration includes the following steps:
and acquiring the extended attribute of the user file. In practical applications, the extended attribute may be denoted as attr.
And adding an access attribute which is used for representing that the file of the user is refused to be accessed into the extended attribute. The access attribute may be noted as attr _ access.
And generating a plurality of permission fields according to the access attributes, wherein the permission fields are marked as PG _ access. And generating a plurality of permission fields by using the masccess function.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information; and if the permission field is contained, the file to be accessed is refused to be accessed. And configuring an authority field in the user file containing the user information, wherein the authority field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the user information is prevented from being collected by the malicious software, and the user information is ensured not to be leaked.
Fig. 2 is a flowchart of another method for accessing user information according to an embodiment of the present disclosure. On the basis of the above embodiment, as a more preferred embodiment, as shown in fig. 2, after acquiring the file to be accessed, before determining whether the file to be accessed contains the authority field, the method further includes:
s20: judging whether the reading mode of the file to be accessed is direct reading;
if yes, the flow proceeds to step S11: judging whether the file to be accessed contains an authority field or not;
if not, the flow proceeds to step S21: the file to be accessed is mapped to the page cache, and after this step, the flow proceeds to step S11: and judging whether the file to be accessed contains the permission field.
The storage formats of the files to be accessed are different according to different information. Some formats can be directly read, and subsequent access or access rejection operation is carried out; however, some file formats do not support direct reading, and therefore, in order to read data in a file, the file which cannot be directly read is mapped to a page cache, an intermediate conversion is found, and the file to be accessed can be read after the intermediate conversion is mapped to the page cache.
On the basis of the above embodiment, as a more preferred embodiment, after the file to be accessed is denied, the method further includes:
s22: and generating prompt information.
For prompting the user that a file containing user information is accessed. In order to improve the security of the used mobile terminal equipment in time, after the user refuses to access the file to be accessed, an alarm needs to be generated through a short message, a mailbox or a background and displayed on the mobile terminal equipment to remind the user that the private information is once refused to be accessed, so that the APP maliciously accessing the private information of the user can be inquired, and the user can unload or pull the APP into a blacklist.
On the basis of the above embodiment, as a more preferred embodiment, after the file to be accessed is denied, the method further includes:
s23: updating the file to be accessed at regular time;
s24: traversing and judging whether a new user file exists in the file to be accessed;
if yes, the flow proceeds to step S25: configuring a user file with an authority field;
if not, the process returns to step S10: and acquiring the file to be accessed.
The corresponding private information is cached in the background in consideration that the user downloads new APP (application) at intervals, takes photos, processes working files on the mobile phone and the like. In order to prevent the malicious software from accessing the newly added files and data containing the user information, the operation of updating the files to be accessed at regular time is set, and the malicious software is prevented from collecting the files and data containing the user information. The timing period can be set in a self-defined way according to the requirements of users, and can be one day, one week or one month, and the like.
In the above embodiments, detailed descriptions are given to a method for accessing user information, and the present application also provides embodiments corresponding to an apparatus for accessing user information. It should be noted that the present application describes the embodiments of the apparatus portion from two perspectives, one from the perspective of the function module and the other from the perspective of the hardware.
Fig. 3 is a block diagram of an apparatus for accessing user information according to an embodiment of the present disclosure. As shown in fig. 3, the present application further provides an apparatus for accessing user information, including:
a first obtaining module 30, configured to obtain a file to be accessed;
the first judging module 31 is configured to judge whether the file to be accessed contains an authority field, where the authority field is generated by configuring a user file containing user information;
and the access denial module 32 is used for denying access to the file to be accessed if the permission field is contained.
The device for accessing the user information further comprises the following modules:
the second acquisition module is used for acquiring the extended attribute of the user file;
the adding module is used for adding an access attribute representing that the user file is denied to access into the extended attribute;
and the first generation module is used for generating a plurality of permission fields according to the access attribute.
The second judgment module is used for judging whether the reading mode of the file to be accessed is direct reading or not;
if yes, entering a first judgment module;
if not, the access module is accessed and used for mapping the file to be accessed to the page cache, and the access module is accessed to the first judgment module after mapping.
And the second generation module is used for generating prompt information and prompting the user that the file containing the user information is accessed.
And the third generation module is used for generating a plurality of permission fields by using the masccess function.
The timing updating module is used for updating the file to be accessed at a timing;
the traversing and judging module is used for traversing and judging whether the file to be accessed has a newly added user file or not;
if yes, entering a configuration module for configuring the user file with an authority field;
if not, returning to the first acquisition module.
The method for accessing the user information provided by the application comprises the following steps: acquiring a file to be accessed; judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information; and if the permission field is contained, the file to be accessed is refused to be accessed. And configuring an authority field in the user file containing the user information, wherein the authority field is used for distinguishing whether the file to be accessed contains the user information, and if the file to be accessed contains the user information, the file is refused to be accessed, so that malicious software is prevented from maliciously copying the file containing the user information through a background, the user information is prevented from being collected by the malicious software, and the user information is ensured not to be leaked.
Since the embodiment of the apparatus portion and the embodiment of the method portion correspond to each other, please refer to the description of the embodiment of the method portion for the embodiment of the apparatus portion, and details are not repeated here.
Fig. 4 is a structural diagram of a device for accessing user information according to an embodiment of the present application, where as shown in fig. 4, the device for accessing user information includes:
a memory 40 for storing a computer program;
a processor 41 for implementing the steps of the method of accessing user information as mentioned in the above embodiments when executing the computer program.
The device for accessing the user information provided by the embodiment may include, but is not limited to, a smart phone, a tablet computer, a notebook computer, or a desktop computer.
Processor 41 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so forth. The processor 41 may be implemented in at least one hardware form of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), and Programmable Logic Array (PLA). The processor 41 may also include a main processor and a coprocessor, where the main processor is a processor for Processing data in an awake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 41 may be integrated with a Graphics Processing Unit (GPU) which is responsible for rendering and drawing the content required to be displayed by the display screen. In some embodiments, processor 41 may further include an Artificial Intelligence (AI) processor for processing computational operations related to machine learning.
Memory 40 may include one or more computer-readable storage media, which may be non-transitory. Memory 40 may also include high speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In this embodiment, the memory 40 is at least used for storing a computer program, wherein after being loaded and executed by the processor 41, the computer program can implement the relevant steps of the method for accessing user information disclosed in any of the foregoing embodiments. In addition, the resources stored in the memory 40 may also include an operating system, data, and the like, and the storage manner may be a transient storage or a permanent storage. The operating system may include Windows, Unix, Linux, and the like. The data may include, but is not limited to, methods of accessing user information, and the like.
In some embodiments, the device for accessing user information may further comprise a display screen, an input/output interface, a communication interface, a power source, and a communication bus.
Those skilled in the art will appreciate that the configuration shown in FIG. 4 does not constitute a limitation of devices for accessing user information and may include more or fewer components than those shown.
The device for accessing user information provided by the embodiment of the application comprises a memory 40 and a processor 41, wherein the processor 41 can realize the method for accessing the user information when executing the program stored in the memory 40.
Finally, the application also provides a corresponding embodiment of the computer readable storage medium. The computer-readable storage medium has stored thereon a computer program which, when being executed by a processor, carries out the steps as set forth in the above-mentioned method embodiments.
It is to be understood that if the method in the above embodiments is implemented in the form of software functional units and sold or used as a stand-alone product, it can be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium and executes all or part of the steps of the methods described in the embodiments of the present application, or all or part of the technical solutions. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (Read-Only Memory), a ROM, a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The method, apparatus, device and medium for accessing user information provided by the present application are described in detail above. The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (9)

1. A method for accessing user information, comprising:
acquiring a file to be accessed;
judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information;
and if the permission field is contained, refusing to access the file to be accessed.
2. The method of claim 1, wherein generating the permission field via the user profile configuration comprises:
acquiring the extended attribute of the user file;
adding an access attribute representing that the user file is refused to be accessed in the extended attribute;
and generating a plurality of permission fields according to the access attribute.
3. The method according to claim 1, further comprising, after the obtaining the file to be accessed and before the determining whether the file to be accessed contains the permission field, the steps of:
judging whether the reading mode of the file to be accessed is direct reading;
if yes, entering the step of judging whether the file to be accessed contains the permission field;
if not, mapping the file to be accessed to a page cache, and then entering the step of judging whether the file to be accessed contains an authority field.
4. The method for accessing user information according to claim 1, further comprising, after said denying access to the file to be accessed:
and generating prompt information for prompting the user that the file containing the user information is accessed.
5. The method of claim 2, wherein generating the plurality of permission fields according to the access attribute comprises:
and generating a plurality of permission fields by using a masccess function.
6. The method for accessing user information according to claim 1, further comprising, after said denying access to the file to be accessed:
updating the file to be accessed at regular time;
traversing and judging whether the file to be accessed has the newly added user file;
if yes, configuring the user file with the permission field;
if not, returning to the step of obtaining the file to be accessed.
7. An apparatus for accessing user information, comprising:
the acquisition module is used for acquiring a file to be accessed;
the judging module is used for judging whether the file to be accessed contains an authority field, wherein the authority field is generated by the configuration of a user file containing user information;
and the access refusing module is used for refusing to access the file to be accessed if the permission field is contained.
8. An apparatus for accessing user information, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the method of accessing user information according to any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of accessing user information according to any one of claims 1 to 6.
CN202210727073.5A 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information Active CN115001842B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210727073.5A CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210727073.5A CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Publications (2)

Publication Number Publication Date
CN115001842A true CN115001842A (en) 2022-09-02
CN115001842B CN115001842B (en) 2023-06-16

Family

ID=83036483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210727073.5A Active CN115001842B (en) 2022-06-24 2022-06-24 Method, device, equipment and medium for accessing user information

Country Status (1)

Country Link
CN (1) CN115001842B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030050919A1 (en) * 2001-09-05 2003-03-13 International Business Machines Corporation Apparatus and method for providing access rights information in a portion of a file
CN101136050A (en) * 2006-08-31 2008-03-05 中兴通讯股份有限公司 Method for guarantying safety of file in embedded system
JP2009151592A (en) * 2007-12-21 2009-07-09 Duaxes Corp File access control device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030050919A1 (en) * 2001-09-05 2003-03-13 International Business Machines Corporation Apparatus and method for providing access rights information in a portion of a file
CN101136050A (en) * 2006-08-31 2008-03-05 中兴通讯股份有限公司 Method for guarantying safety of file in embedded system
JP2009151592A (en) * 2007-12-21 2009-07-09 Duaxes Corp File access control device

Also Published As

Publication number Publication date
CN115001842B (en) 2023-06-16

Similar Documents

Publication Publication Date Title
US11658971B1 (en) Virtual firewalls for multi-tenant distributed services
CN108616490B (en) Network access control method, device and system
US10511496B2 (en) Method, system and computer program product for interception, quarantine and moderation of internal communications of uncontrolled systems
US8683322B1 (en) Method, system and computer program product for structuring unstructured data originating from uncontrolled web application
US8898796B2 (en) Managing network data
RU2498520C2 (en) Method of providing peer-to-peer communication on web page
CN107015996A (en) A kind of resource access method, apparatus and system
US10021139B2 (en) Method, system and computer program product for enforcing access controls to features and subfeatures on uncontrolled web application
US10447633B2 (en) Method and system for optimizing and preventing failure of sender policy framework (SPF) lookups
CN103781055A (en) Data downloading method and associated device
CN102624918A (en) Proxy access method based on URL (Uniform Resource Locator) rewriting technique
GB2533101A (en) Distributing a network access policy
WO2006071324A2 (en) Imroved bitmask access for managing blog content
CN102752411A (en) Redirection method and device
CN114726608A (en) Honeypot drainage method, honeypot drainage device and honeypot drainage medium
CN110413846A (en) For the data processing method of webpage mirror image, device and computer readable storage medium
CN104811418A (en) Virus detection method and apparatus
US20140115076A1 (en) Anonymous Notification System and Method with Reduced Traceability on End Device
CN115001842B (en) Method, device, equipment and medium for accessing user information
CN115664736A (en) Method, device, equipment and medium for sharing data
WO2014169497A1 (en) Method and server for pushing media file
CN101179550B (en) Personal homepage implementing method and system
CN111866100A (en) Method, device and system for controlling data transmission rate
Venter Optimising internet bandwidth in developing country higher education
Douglas Circumvention of censorship of internet access and publication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant